Saturday, October 3, 5:00-5:15pm
ABSTRACT
A common assumption made by cryptographers is that computers are built using secure hardware, i.e. an adversary can only interact with the device in a black-box manner and does not have access to its internals. The reality is less friendly. Indeed, in most cases an adversary can perform side-channel attacks by making physical measurements on and around the device. Such attacks include measuring power consumption, uploading malware to the device, transmitting stolen data over the internet, as well as attacks where the adversary gains access to the RAM of the device after it has been powered off (often referred to as "Cold Boot" attacks). A common approach to protecting against such attacks is to design more secure hardware. However, in recent years cryptographers have been increasingly focused on algorithmic approaches for protecting against side-channel attacks, thus trying to minimize the assumptions about the security of the underlying hardware.
In this work we construct an "obfuscator" that compiles any program that uses a secret key into a stateful program that remains secure even if the adversary leaks arbitrary information about its state during each invocation of the program. In our model there is no limit to the total amount of leakage that the adversary obtains, but the amount of leakage during each invocation is restricted. We obtain security by refreshing the state of the program every round in a manner that preserves functionality, but at the same time does not allow the adversary to efficiently combine leakage from multiple rounds.
For our physical leakage model we adopt the common assumption that "only computation leaks". That is, segments of memory that are not in use during the computation do not leak, or at least leak independently from the memory that is being computed on. In addition we use a leak-free component which is memory-less and performs a fixed amount of computation. Essentially, our result provides a way of doing an arbitrary amount of leak-free computation based on the ability to compute a certain fixed function securely once per invocation.
Joint work with Ali Juma and Charles Rackoff.
Speaker Bio
Yevgeniy Vahlis received a B.Sc. from the Hebrew University of Jerusalem in 2004 and an M.Sc. from the University of Toronto in 2007, and is currently a PhD student at the University of Toronto under the advisement of Charles Rackoff.
Vahlis is a recipient of the Alexander Graham Bell Canada Graduate Scholarship.